It's actually mildly worse than that. The hub sends an if-modified-since request and is happy to take a 304, so that's all an attacker would need to send. But it's not clear what it would be meaningfully able to do if an attacker just inserted 404s instead, so I suspect the answer remains "Don't lose control of your DNS"
no subject